I'm using Windows 7 and NTFS. I've noticed the MFT is a huge security risk because it can store sensitive document files without user knowledge for a long time before they get overwritten.
All tests I've run tell me that files smaller than 640 bytes are resident in the MFT and cannot be securely deleted. However, any file that's 640 bytes or more can be securely deleted immediately - this is true for my 500GB HDD and my 128GB Flash Drive (both NTFS).
I've tested this by creating a bunch of text files and writing words to them to create different file sizes. Deleting them, emptying recycle bin and running Recuva and then securely deleting highlighted. It fails to securely delete any file under 640 bytes (file is resident in MFT message will come up).
Is this the same for SSDs with Trim Enabled? Why 640 bytes? Thought it was 512 bytes maximum for MFT entries for wiped files?
Any input much appreciated.